Update dependency org.springframework.boot:spring-boot-starter-web to v3.3.5 #365

mend-for-github-com · 2024-10-28T12:06:20Z

This PR contains the following updates:

Package	Type	Update	Change
org.springframework.boot:spring-boot-starter-web (source)	dependencies	patch	`3.3.4` -> `3.3.5`

By merging this PR, the issue #363 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	7.5	CVE-2024-38819

spring-projects/spring-boot (org.springframework.boot:spring-boot-starter-web)

Running mvn spring-boot:run with classpaths that exceeds Windows' length limits leaves temporary files #42841
Report produced by ConditionReportApplicationContextFailureProcessor is always empty in a failed test #42785
Case-insensitive comparisons may be adversely affected by the user's locale #42735
DataSourceProperties#driverClassIsLoadable should not print a stacktrace to the error stream when it fails #42683
Some @ControllerEndpoint and @RestControllerEndpoint infrastructure remains undeprecated #42498
Auto-configuration for Rabbit Streams doesn't consider RabbitConnectionDetails #42490
ClassNotFoundException is thrown when loading protocol resolvers from ForkJoinPool task #42468
ActiveMQ Artemis Connection Factory creation fails in native image #42421
Duplicate meter binding when context contains multiple registries, none are primary, and one or more is a composite #42397

Document that embedded Tomcat must be at least 10.1.25 #42849
Fix systemd example configuration #42805
Document that the exact behavior of the maximum HTTP request header size property is server-specific #42789
Clarify why @Primary is recommended when defining your own ObjectMapper that replaces JacksonAutoConfiguration's #42787
Polish javadoc for Binder#bindOrCreate(String, Class) #42778
Document that Tomcat's maxQueueCapacity need to be greater than 0 #42726
Remove stale link to jar-to-war getting started guide #42723
Fix typos and formatting errors in documentation #42718
Fix case used for examples in "Sanitize Sensitive Values" #42702
Fix Regex javadoc links #42685
Document how Map properties are bound from environment variables #42672
Improve classpath index documentation for reproducible builds #42643
Remove links to Spring Data GemFire #42596
Order alphabetically the sections in Common Application Properties #42520
Improve the javadoc describing when @ConditionalOn(Missing)Bean will infer the type to match #42505
Document how to handle MANIFEST.MF in native image with Maven #42476
Fix links to Micrometer reference doc #42467
Polish documentation #42454
Add Javadoc since for PrometheusScrapeEndpoint(PrometheusRegistry, Properties) #42406
Remove note about graceful shutdown with Tomcat requiring 9.0.33 or later as we now require 10.1.x #42382
Document support for Java 23 #42380
Improve documentation for CycloneDX integration #41506

Thank you to all the contributors who worked on this release:

… v3.3.5

Update dependency org.springframework.boot:spring-boot-starter-web to…

Loading
Loading status checks…

38c51e0

… v3.3.5

mend-for-github-com bot requested a review from dblock as a code owner October 28, 2024 12:06

mend-for-github-com bot added the security fix label Oct 28, 2024

mend-for-github-com bot requested review from reta and dlvenable as code owners October 28, 2024 12:06

reta approved these changes Oct 28, 2024

View reviewed changes

reta merged commit d5762c3 into main Oct 28, 2024
13 checks passed

mend-for-github-com bot deleted the whitesource-remediate/org.springframework.boot-spring-boot-starter-web-3.x branch October 28, 2024 12:42

Provide feedback